KR20120084184A - A smartphone malicious code blocking method based on white list and the recording medium thereof - Google Patents
A smartphone malicious code blocking method based on white list and the recording medium thereof Download PDFInfo
- Publication number
- KR20120084184A KR20120084184A KR1020110005583A KR20110005583A KR20120084184A KR 20120084184 A KR20120084184 A KR 20120084184A KR 1020110005583 A KR1020110005583 A KR 1020110005583A KR 20110005583 A KR20110005583 A KR 20110005583A KR 20120084184 A KR20120084184 A KR 20120084184A
- Authority
- KR
- South Korea
- Prior art keywords
- application
- white list
- smartphone
- installation
- malicious code
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/006—Identification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0706—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment
- G06F11/0745—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment in an input/output transactions management context
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Quality & Reliability (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Virology (AREA)
- General Health & Medical Sciences (AREA)
- Telephone Function (AREA)
Abstract
A white list-based smartphone malware blocking method and recording medium for registering an application that can be installed on a smartphone in a server on a white list and storing the application that is registered in the white list on a smartphone, the method comprising: (a) Monitoring whether a new application is installed on the smartphone; (b) if the installation of the application is detected, extracting identification information of the application; (c) transmitting the identification information of the application to the server; (d) receiving a result from the server determining whether the application is registered in the white list; And (e) if the application is registered in the white list, proceeding with the installation of the application.
By the above devices and methods, by blocking or withholding the installation of malicious applications that may infect malware on the smartphone, the installation of unvalidated applications prevents the smartphone from being infected with malware and improves the security level. It can increase.
Description
The present invention relates to a white list-based smart phone malicious code blocking method and a recording medium in which a server registers and installs an application installable on a smartphone in a white list, and installs only an application registered in the white list on a smartphone.
In addition, the present invention protects the smartphone from malicious code and malicious applications that threaten information protection in the smartphone environment, and white list-based smart to prevent information leakage or secondary damage caused by malware infection It relates to a phone malicious code blocking method and a recording medium thereof.
In addition, the present invention develops an application that operates on a smartphone operating as an open source OS based on a built-in white list DB, so that only the installation of a verified application is allowed, thereby potentially infecting malicious code. The present invention relates to a white list-based smartphone malicious code blocking method and a recording medium which prevents malicious code infection by blocking an unvalidated smartphone application or suspending installation.
In general, an operating system of a mobile terminal may be classified into a Real Time OS (RTOS) and a General Purpose OS (GPOS). In general, RTOS is classified as a dedicated operating system of a voice-oriented terminal such as REX, and GPOS is classified as a general-purpose operating system installed in a terminal such as a smartphone.
Mobile terminals equipped with RTOS provide a variety of middleware, including Java VM, BREW, WIPI, Mocha, and infineon. The terminal basic software includes a communication function and an operating system for a voice call. CDMA uses REX and GSM uses Nucleus and Kadak as the basic operating systems. The hardware diversity along with the functional diversity of mobile applications has pushed the RTOS to handle a variety of multimedia in mobile environments.
Therefore, the mobile operating system was developed in the direction of optimizing for mobile while maintaining the PC-class operating system structure, and the emergence of smart phone was made. As mobile devices have evolved from feature phones to smartphones, the development of mobile platforms has accelerated, leading Microsoft to commercialize Windows Mobile, Apple to iPhone, and Google to Android platforms. They partially support multitasking, so they are better in performance than traditional feature phones, and are open architectures that provide a standardized development environment for all users and developers in a closed architecture that develops their own applications according to an open environment. It is developing. In particular, mobile platform providers such as Apple and Google focus on building a virtuous cycle that encourages the development and use of many applications through open markets based on their mobile operating systems, and encourages more users to develop more applications. have.
Mobile terminals are also exposed to various security threats, and mobile security technologies are continuously emerging to cope with them. However, with the development of mobile terminals, the security threats of smartphones due to mobile malware continue to increase with the activation of networking services. Attack tools that attack smartphones have a variety of intrusion methods and purposes. Attack types of smartphones are mainly attempted for the purpose of device malfunction, information leakage, and financial gain.
Mobile malware is rapidly increasing in size with the growth of mobile devices, and threat factors are diversifying. The reason for the increase in mobile malware is the increase in the number of open terminals that can produce and distribute malicious codes for malicious purposes, and provide cellular communication methods such as W-CDMA and CDMA-2000, while providing Bluetooth, Wi-Fi and USB. This can be attributed to the diversification of external connections. Mobile malware is changing from the early simple propagation or paralyzing the functional operation of the terminal for the purpose of personal information leakage and financial gain. Reflecting the characteristics of the main activities of mobile malware existing to date, it can be classified into the following five types.
Battery-consuming malware is a type of attack that drains the battery by continually consuming the power of the terminal. Cabir, the first mobile malware to spread via Bluetooth, is a prime example. Cabir does not cause the invasion of the terminal, but continuously scans the Bluetooth of nearby terminals, and has the characteristic of spreading malicious codes through Bluetooth. Infected terminals are subject to battery depletion through continuous scanning.
Terminal failure-inducing malware is a type of attack that makes the use of a terminal impossible or causes a failure. Skulls is a type of device paralyzing malware that paralyzes the device. Changes all menu icons to skeletons and disables add-ons other than calls. Locknut has the characteristic of breaking some key buttons of the terminal. In addition, Gavno appeared to paralyze the transmission and reception of telephones.
Information leakage malware is a type of attack that leaks information of infected terminals or user information to the outside. Infojack is installed with the .cab installation file when legitimate applications are downloaded to the terminal. After installation, Infojack connects to a specific web server and downloads and reinstalls the rest of Infojack. After the installation is completed, the terminal's security settings are changed and the terminal's serial number, OS, and installed applications are transmitted to the outside to facilitate the secondary attack. Malware that leaks user information to the outside is Flexispy, PBStealer. Flexispy is a commercial malware in the form of spyware that has the ability to send phone logs and text messages from a smartphone to a specific web server.
Billing-induced malware is a type of attack that generates billing by continuously attempting a message service or phone attempt. In the case of RedBrowser for J2ME platform made in Russia, the infected terminal is a malicious code that causes monetary damages to users by sending SMS to unspecified users without the user's knowledge. In addition, the Kiazha malware found in China has appeared a malicious code that deletes text messages stored on the terminal along with a warning message asking the user for money on the infected terminal screen.
Cross-platform malware is a type of attack that infects PCs via mobile devices. Cardtrap.A is the first cross-platform malware to copy the Windows worm to the phone's memory card, which automatically infects the PC through autorun when the infected phone memory card is inserted into the PC, thereby deleting data or reducing performance. Make. It has a new type of attack in that it infects a PC on a mobile device rather than spread among mobile devices.
Open mobile terminals are capable of producing various contents because anyone can produce or distribute contents. This may be an advantage, but security threats in mobile environments are expected to increase due to the possibility of producing and distributing applications containing malicious code. The security aspects of applications designed for the safe use of mobile devices in an open mobile environment are summarized by smartphone OS as follows.
First of all, Google's Android OS is a Linux-based OS that has many similarities to Linux security policy. When the application is installed in the terminal is given a unique USER ID and GROUP ID. By default, files created by an application to which a user ID is assigned cannot be read or written by an application with a different user ID. If there is a system resource that the application wants to use, the system resource to be used should be entered in <usespermission> tag of AndroidManifetst.xml file in the application development stage to declare the required permission. An application installed without input limits the use of system resources by the terminal. Every Android application must sign with its private key using the developer's certificate. The certificate is used only to prove the identity of the application developer and does not need to be issued by a trusted certificate authority. Self-signed certificates are also available. Therefore, the security policy is not higher than that of Symbian and Windows Mobile, and since the OS source code is disclosed, it is expected to be more vulnerable than other commercial mobile OS.
In Microsoft's Windows Mobile 6 security model, permission is determined by the permission policy of the application. Developers wishing to deploy applications on Windows Mobile 6 devices must undergo code certification by Microsoft. The permissions of the application are divided into Privileged, Normal, and Block as follows. "Privileged" is a "Trusted" permission that allows all API calls to access system resources, writes to all areas of the registry, and accesses to all files, and "Normal" means some APIs cannot be called. Writing to the registry or file in the protected area is an "Untrusted" permission. "Blocked" is a "Locked" permission that does not allow the application to run. Permissions are determined by the level of the certificate when signing the code (signing).
White list is a service that is performed based on a list of verified applications unlike vaccines using a DB based on a conventional black list based on a reputation-based service.
In the past, the purpose of reputation-based technologies or services was to define the characteristics of a product or program based on the user's evaluation, but the current reputation-based technologies aim to cope with malware that has not been collected / analyzed. do.
Reputation-based products will be installed in commercial security products as the core of smartphone terminal security. Traditionally, as soon as malicious code emerged, it has focused on preventing damage to the minimum so that the first one or two people can't spread anymore. Each security company runs a network, community, etc. that collects samples automatically, with the explicit consent of the customer, to collect them quickly.
However, unlike the previous computer crashed or slowed down, the current malware performs its purpose after infiltration without the user's knowledge. In the past, when an abnormal symptom occurred on a PC, a user could easily identify a file deletion or crash, and in the process of resolving the problem, found a file suspected of malware and reported it. In the past, the speed of propagation was slow because they were not connected to each other by network, but now, there is no symptom of infection, and it is difficult for users to find and report malware by hiding themselves. Moreover, it hacks well-known web servers and instantly spreads them all over the world.
The only solution is to automatically collect the data quickly and analyze whether it is malicious or not, and the collected data is automatically analyzed and used for privacy. Unlike the early days of reversing only the structure of malicious code, it is now required to analyze and process large amounts of data and to operate servers.
However, since malware is changing to attack a specific class or a specific person rather than an unspecified number, fast collection, fast processing, and quick distribution are not enough. Victims of attacks targeting a small number of victims and specific individuals who are infected before malware is difficult to protect and may be excluded from automatic collection if a limited number is targeted and attacked.
In order to deal with such uncollected and unresolved malicious codes, a reputation base has emerged. In a system that operates on reputation-based systems, it first checks whether a program is safe and not harmful. In this process, several types of program DBs are mainly used. In this case, queries may occur over the network. If it is not confirmed as a safe program, information about this program is downloaded from the server. It allows you to download information such as when the program was discovered, how many people are using it, what people are using it, and what the program is doing.
The new reputation-based technology, unlike its predecessor, displays a warning window but does not display a neutral message with very low frequency and difficult technical content. For example, "An analysis of the file to be installed / downloaded / executed has not been performed yet. "Block until it is analyzed." And encourage the user to make a decision (usually a block). Fast data collection, automatic analysis, and a large white list (whitelist) database allow users to be very uncomfortable if a decision is made wrong. Currently, malware analysis can be handled mostly in tens of minutes or a few days, so new programs do not run for several days until the end of the analysis or only a few programs are used to request a separate request directly from the analysis center.
For operating system updates or popular programs, you can use the white list DB without having to wait for analysis. White list Install only well-known software on a database basis and run only verified programs. In the past, there was no way to build or manage a large amount of white list database database, so the PC was protected with a black list-based product. Done Reputation-based technology protects against malicious code and targeted attacks before analysis.
An object of the present invention is to solve the problems as described above, the white list-based smart to register the application that can be installed on the smartphone in the server to the white list, and to install only the application registered in the white list on the smartphone It provides a method for blocking phone malware and its recording medium.
That is, the purpose of the present invention is to allow a white list, unlike the existing techniques for detecting / treating smartphone malware mainly on mobile vaccines to prevent the spread of infection by analyzing information collected after the infection of malware. It provides a white list based smartphone malicious code blocking method and its recording medium that prevents malicious code infection in advance through malicious application download / installation blocking method to prevent malware based infection.
In order to achieve the above object, the present invention relates to a malicious code blocking method by a malicious code blocking system installed in a smartphone, wherein the malicious code blocking system stores an application list (hereinafter, a white list) that can be installed in the smartphone. Connecting to a server, the method comprising: (a) monitoring whether a new application is installed on the smartphone; (b) if the installation of the application is detected, extracting identification information of the application; (c) transmitting identification information of the application to the server; (d) receiving a result from the server determining whether the application is included in the white list; And (e) if the application is included in the white list, proceeding with the installation of the application.
In addition, the present invention relates to a method for blocking malicious code by a malicious code blocking system installed in a smartphone, the malicious code blocking system is connected to the server for storing the application list (hereinafter white list) that can be installed on the smartphone and The method comprises: (a) monitoring an event occurring in an operating system of the smartphone to monitor whether a new application is installed; (b) if the installation of the application is detected, extracting identification information of the application by analyzing the information of the application; (c) transmitting identification information of the application to the server; (d) receiving a query result for the application from the server and analyzing the query result to determine whether the application is included in the white list; And (e) if the application is included in the white list, proceeding with the installation of the application.
In another aspect, the present invention provides a white list-based smart phone malicious code blocking method, the method, (f) if the application is not included in the white list, receiving a response whether the application is installed through the smartphone step; (g) if a response is received to install, proceeding with the installation of the application; And, (h) canceling the installation of the application if the response is determined to not be installed.
In addition, the present invention is a white list-based smart phone malicious code blocking method, the identification information of the application is characterized in that it comprises the installation file name and installation information of the application.
In addition, the present invention relates to a white list-based smartphone malicious code blocking method by a server having a database for storing a list of applications (hereinafter referred to as a white list) that can be installed on a smartphone, and receiving and responding to a query from the smartphone. (a) receiving a search request of an application from the smartphone; (b) searching for whether a search request application exists in the white list; (c) if the information of the application exists in the white list, sending a response that the application is a verified application; And (d) if the application information does not exist in the white list, sending a response that the application is an unverified application.
The present invention also relates to a computer-readable recording medium recording a program for executing the white list-based smart phone malicious code blocking method.
As described above, according to the white list-based smart phone malicious code blocking method and the recording medium according to the present invention, by unblocking or suspending the installation of malicious applications that may infect the smart phone malware, By installing, the effect of preventing the smartphone from being infected with malware and increasing the security level is obtained.
Specifically, the following effects are obtained.
First, in terms of academics, it is possible to develop a lightweight but practical security technology by applying a reputation-based service concept in consideration of the resource limitations of a portable mobile terminal such as a smartphone.
Second, it can be used in smartphones based on an open operating system (OS), and unlike conventional mobile vaccines, it prevents secondary damage such as infection to other devices as a method to prevent infection in advance and protects user's privacy. It can solve the problem leading to the damage.
1 is a diagram showing an example of the overall system configuration for implementing the present invention.
2 is a flowchart illustrating a method for blocking white code based smartphone malicious code by an application of a smartphone according to a first embodiment of the present invention.
3 is a flowchart illustrating a method for blocking white list-based smartphone malicious codes by an application of a smartphone according to a second embodiment of the present invention.
4 is a flowchart illustrating a method for blocking whitelist based smartphone malicious code by a server according to an embodiment of the present invention.
Description of the Related Art [0002]
10: mobile terminal 21: mobile communication network
22: network 30: anti-malware applications
40: server 50: database
60: content server
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, the present invention will be described in detail with reference to the drawings.
In addition, in describing this invention, the same code | symbol is attached | subjected and the repeated description is abbreviate | omitted.
First, examples of the overall system configuration for implementing the present invention will be described with reference to FIG.
As shown in Figure 1, the entire system for implementing the present invention is composed of a
The
The
The
The malicious
The malicious
In this case, the malicious
Next, the features of the present invention will be described in more detail.
While the conventional method of detecting / treating smartphone malware mainly on mobile vaccines is to prevent the spread of infection by analyzing the information collected after the infection of the malware, the present invention provides a white list. By preventing malicious application download / installation, it prevents malicious code infection in advance.
Based on a reputation-based service, an allow list (or white list), which is a list of verified applications among applications that can be downloaded by users, is constructed. When a user downloads an application and attempts to install it, the user checks whether the application is registered in a white list and installs it. That is, while the conventional technology uses an existing blacklist as a reputation-based service, the present invention uses a white list as a reputation-based service. It alerts you to the dangers of unverified applications and allows you to suspend installation.
Open mobile operating systems (such as Android OS) handle events that occur when a user downloads an application for installation. Therefore, the white list DB list is compared with the application information, and the installation is verified in advance. That is, the malicious code blocking method according to the present invention checks whether the application is verified before the installation is executed when the user downloads an application to be installed on the
That is, as to whether the verified application is verified, the list of the verified applications is updated in the white list DB built on the reputation and can be confirmed in conjunction with the DB.
In addition, with regard to the suspension of installation and blocking of unvalidated applications, if the application that the user intends to install is not in the white list DB list, the application is warned that the unvalidated application is suspended or blocked.
Next, a method of blocking a white list-based smartphone malicious code by an application of the smartphone according to the first embodiment of the present invention will be described in more detail with reference to FIG. 2.
As shown in FIG. 2, an application executed in the background of the
If the installation of the application is not detected in the
The application information and the extracted identification information (installation file name, etc.) are transmitted to the white list server (or malware blocking server) 40 (104).
The
If the information of the corresponding application exists in the white list DB 50 (106), the application is installed as it is (107).
If a response is received that there is no information of the application to be installed in the
Finally, the application is monitored again for installation.
Next, a method of blocking a white list-based smartphone malicious code by an application of a
As shown in Figure 3, when the application is executed in real time to monitor whether the installation event of a new application occurs in the operating system (OS) of the
If the user executes the installation file for installing a new application, the user detects an event occurring in the OS (202). If the event does not occur, the installation event is continuously monitored in the background of the
If the installation of a new application is detected, information of the application is analyzed (203). Based on the analyzed information, identification information such as an installation file name and other information of the application is extracted (204).
The interlocking operation for communicating with the
The
When the
If the application information exists in the white list, the installation proceeds without outputting a separate warning message to the user, and when the installation is completed, the installation event of the new application is monitored again (210).
If the user is not listed, the user outputs a warning message and waits to receive a response to install. Receive a
After the installation is canceled, new application installation is monitored in real time, and when a new application installation event is detected, the method is checked again.
Next, a method of blocking a white list-based smartphone malicious code by an application of the smartphone according to an embodiment of the present invention will be described in more detail with reference to FIG. 4. 4 is a method in which the malicious
As shown in FIG. 4, the
When a query comes in from the
The white list checks whether the information of the corresponding application exists in the DB 50 (305). If the information of the application is stored in the list, and sends a response that the verified application to the
After completing the response to the
As mentioned above, although the invention made by this inventor was demonstrated concretely according to the Example, this invention is not limited to an Example and can be variously changed in the range which does not deviate from the summary.
The present invention is useful for developing an application for a smartphone that registers and stores an application installable on a smartphone in a white list on a server, and installs only the application registered in the white list on a smartphone.
Claims (6)
(a) monitoring whether a new application is installed on the smartphone;
(b) if the installation of the application is detected, extracting identification information of the application;
(c) transmitting identification information of the application to the server;
(d) receiving a result from the server determining whether the application is included in the white list; And,
(e) if the application is included in the white list, the white list-based smart phone malicious code blocking method comprising the step of proceeding with the installation of the application.
(a) monitoring an event occurring in an operating system of the smartphone to monitor whether a new application is installed;
(b) if the installation of the application is detected, extracting identification information of the application by analyzing the information of the application;
(c) transmitting identification information of the application to the server;
(d) receiving a query result for the application from the server and analyzing the query result to determine whether the application is included in the white list; And,
(e) if the application is included in the white list, the white list-based smart phone malicious code blocking method comprising the step of proceeding with the installation of the application.
(f) if the application is not included in the white list, receiving a response indicating whether the application is installed through the smart phone;
(g) if a response is received to install, proceeding with the installation of the application; And,
(h) if the response is not installed, white-based smart phone malicious code blocking method further comprising the step of canceling the installation of the application.
Identification information of the application is a white list-based smartphone malicious code blocking method comprising the installation file name and installation information of the application.
(a) receiving a search request of an application from the smartphone;
(b) searching for whether a search request application exists in the white list;
(c) if the information of the application exists in the white list, sending a response that the application is a verified application; And,
and (d) if the information of the application does not exist in the white list, sending a response indicating that the application is an unverified application.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020110005583A KR20120084184A (en) | 2011-01-19 | 2011-01-19 | A smartphone malicious code blocking method based on white list and the recording medium thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020110005583A KR20120084184A (en) | 2011-01-19 | 2011-01-19 | A smartphone malicious code blocking method based on white list and the recording medium thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20120084184A true KR20120084184A (en) | 2012-07-27 |
Family
ID=46715194
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020110005583A KR20120084184A (en) | 2011-01-19 | 2011-01-19 | A smartphone malicious code blocking method based on white list and the recording medium thereof |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20120084184A (en) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101286711B1 (en) * | 2013-03-28 | 2013-07-16 | 주식회사 이스턴웨어 | System and method for preventing malicious codes of mobile terminal |
WO2014058211A1 (en) * | 2012-10-08 | 2014-04-17 | 주식회사 안랩 | Computer system and method of using white list of said computer system |
KR200473812Y1 (en) * | 2014-04-07 | 2014-08-01 | 김범수 | USB flash memory for publicity |
KR101472321B1 (en) * | 2013-06-11 | 2014-12-12 | 고려대학교 산학협력단 | Malignant code detect method and system for application in the mobile |
KR101483107B1 (en) * | 2013-04-02 | 2015-01-15 | 비젠 주식회사 | Method for managing software install and system realizing it |
KR20150008033A (en) * | 2014-12-30 | 2015-01-21 | 주식회사 안랩 | Method and apparatus for inspecting malicious code of a mobile terminal |
KR101628837B1 (en) | 2014-12-10 | 2016-06-10 | 고려대학교 산학협력단 | Malicious application or website detecting method and system |
KR101693249B1 (en) | 2015-09-08 | 2017-01-06 | 충북대학교 산학협력단 | System and method for managing application |
US9680853B2 (en) | 2014-06-26 | 2017-06-13 | Samsung Electronics Co., Ltd | Apparatus and method for preventing malicious code in electronic device |
US9967702B2 (en) | 2015-08-12 | 2018-05-08 | Samsung Electronics Co., Ltd. | Method of managing application and electronic device therefor |
KR101876458B1 (en) * | 2016-11-17 | 2018-07-09 | 주식회사 에스티유니타스 | Method, apparatus and appication for displaying educational contents |
US10380378B2 (en) | 2015-09-24 | 2019-08-13 | Samsung Electronics Co., Ltd. | Apparatus and method for protecting information in communication system |
CN112434297A (en) * | 2020-12-29 | 2021-03-02 | 成都立鑫新技术科技有限公司 | Method for detecting mobile phone security in public place |
-
2011
- 2011-01-19 KR KR1020110005583A patent/KR20120084184A/en not_active Application Discontinuation
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2014058211A1 (en) * | 2012-10-08 | 2014-04-17 | 주식회사 안랩 | Computer system and method of using white list of said computer system |
KR101286711B1 (en) * | 2013-03-28 | 2013-07-16 | 주식회사 이스턴웨어 | System and method for preventing malicious codes of mobile terminal |
KR101483107B1 (en) * | 2013-04-02 | 2015-01-15 | 비젠 주식회사 | Method for managing software install and system realizing it |
KR101472321B1 (en) * | 2013-06-11 | 2014-12-12 | 고려대학교 산학협력단 | Malignant code detect method and system for application in the mobile |
KR200473812Y1 (en) * | 2014-04-07 | 2014-08-01 | 김범수 | USB flash memory for publicity |
US9680853B2 (en) | 2014-06-26 | 2017-06-13 | Samsung Electronics Co., Ltd | Apparatus and method for preventing malicious code in electronic device |
KR101628837B1 (en) | 2014-12-10 | 2016-06-10 | 고려대학교 산학협력단 | Malicious application or website detecting method and system |
KR20150008033A (en) * | 2014-12-30 | 2015-01-21 | 주식회사 안랩 | Method and apparatus for inspecting malicious code of a mobile terminal |
US9967702B2 (en) | 2015-08-12 | 2018-05-08 | Samsung Electronics Co., Ltd. | Method of managing application and electronic device therefor |
KR101693249B1 (en) | 2015-09-08 | 2017-01-06 | 충북대학교 산학협력단 | System and method for managing application |
US10380378B2 (en) | 2015-09-24 | 2019-08-13 | Samsung Electronics Co., Ltd. | Apparatus and method for protecting information in communication system |
KR101876458B1 (en) * | 2016-11-17 | 2018-07-09 | 주식회사 에스티유니타스 | Method, apparatus and appication for displaying educational contents |
CN112434297A (en) * | 2020-12-29 | 2021-03-02 | 成都立鑫新技术科技有限公司 | Method for detecting mobile phone security in public place |
CN112434297B (en) * | 2020-12-29 | 2024-02-20 | 成都立鑫新技术科技有限公司 | Method for detecting safety of mobile phone in public place |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR20120084184A (en) | A smartphone malicious code blocking method based on white list and the recording medium thereof | |
Ahvanooey et al. | A survey on smartphones security: software vulnerabilities, malware, and attacks | |
Jeon et al. | A practical analysis of smartphone security | |
Seo et al. | Detecting mobile malware threats to homeland security through static analysis | |
Bugiel et al. | Xmandroid: A new android evolution to mitigate privilege escalation attacks | |
US20210264030A1 (en) | Integrated application analysis and endpoint protection | |
EP2769324A1 (en) | System and method for whitelisting applications in a mobile network environment | |
WO2014168954A1 (en) | Security policies for loading, linking, and executing native code by mobile applications running inside of virtual machines | |
EP2769327A1 (en) | System and method for whitelisting applications in a mobile network environment | |
GB2505284A (en) | Anti-ransomware tool for mobile apparatus | |
Choi et al. | Personal information leakage detection method using the inference-based access control model on the Android platform | |
Schmidt et al. | Malicious software for smartphones | |
Ito et al. | Detecting privacy information abuse by android apps from API call logs | |
KR20160039234A (en) | Systems and methods for enhancing mobile security via aspect oriented programming | |
CN113987468A (en) | Security check method and security check device | |
Agematsu et al. | A proposal to realize the provision of secure android applications--adms: An application development and management system | |
KR20160145574A (en) | Systems and methods for enforcing security in mobile computing | |
Bezobrazov et al. | Artificial immune system for Android OS | |
Blasco et al. | Detection of app collusion potential using logic programming | |
Aldoseri et al. | A Tale of Four Gates: Privilege Escalation and Permission Bypasses on Android Through App Components | |
Ugus et al. | A leaky bucket called smartphone | |
Karthick et al. | Static analysis tool for identification of permission misuse by android applications | |
Yıldırım et al. | A research on software security vulnerabilities of new generation smart mobile phones | |
Yan et al. | ActivityShielder: an activity hijacking defense scheme for Android devices | |
Faqiry et al. | SCRUTINIZING PERMISSION BASED ATTACK ON ANDROID OS PLATFORM DEVICES. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E601 | Decision to refuse application |